Can we really trust cloud computing? Or perhaps more importantly do you trust the cloud? And does the perceived lack of transparency, combined with recent negative headlines, impact future investments...

Give me a break! In the next month, students will get the week off for spring break—a much needed reward after months of hard work and, for some, gnarly winter weather. Spring break means free time,...

The Internet of Things (IoT) is upon us and it is not only moving into our homes through our networks and refrigerators, it is also moving into our bodies through networked medical devices. Wearable, temporarily...

Microsoft Office scripting malware has become more and more common and aggressive lately as malware authors constantly develop new techniques to evade detection and deceive users.
This kind of malware,...

Networked Healthcare and the Internet of Things: Rewards versus Risks

‘Banking’ Malware Dridex Arrives via Phishing Email

Is There Something Phishy In Your Inbox?

Phishing is a widespread problem. According to Allen Paller, director of research at the SANS Institute, 95% of all attacks on enterprise networks are the result of successful spear phishing.

Can you tell if this email is legitimate or not?

Think about this:

How many packages does your company receive in a typical day? Likely multiple, if not dozens or more.

How many shipping confirmation emails does your company receive? Probably almost as many as you have packages coming in.

Are you confident that your employees are able to pick out one phishing email from the rest of their inbox?

Security is a year-round problem, and cybercriminals have become adept at using social engineering tactics to make their campaigns more effective. For example: they know that with more people buying products online, more people will be receiving shipping confirmation emails. Because of trends like this, even untargeted phishing emails have a higher chance of finding an unwary victim.

In addition, the impact of a cyberattack can be devastating. A successful attack can lead to the leakage of information such as credit card numbers, account credentials, social security numbers, intellectual property and financial information about your company, employees or customers. What impact would this have on your business?

Some common signs of a phishing email include:

Attachments that seem out of place

Links that send you to 3rd party pages, especially if the true URL does not match what is displayed

Sender email domains that don’t match the company in the email

Requests for login information or other sensitive data

Asking you to take immediate action

What can you do to protect your company?

First, implement a strong security solution that secures both inbound and outbound email traffic. Capabilities to look for in a best-in-class solution include:

Click-time protection that detects malicious links in real time as you click on them

Next, set up a security policy and train employees to spot potential security violations and report them. In addition, provide employees with tools such as the ClickProtect Safe Preview, a feature of McAfee Email Protection, so they can safely preview pages and be alerted to malicious links in real time before landing on a potentially harmful website.

Lastly, be aware of social engineering that can leave your organization vulnerable. What are the timely events for your business that cybercriminals can leverage? For example, cybercriminals can use the news of an upcoming IPO to send emails pretending to be from the financial companies involved. Being alert to potential phishing opportunities makes it easier to spot attempted attacks.